• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 462
  • Last Modified:

Network penetrating tools.

Hi,   Can someone suggest a good network penetrating tool or a company that provides programs that can test the security of our network.  

Thanks in advance.
0
Victor_Torres
Asked:
Victor_Torres
1 Solution
 
ahoffmannCommented:
nmap.org/ nmap, zenmap
www.metasploit.com/
0
 
SandyCommented:
metasploit with nexpose. as this is free and giving good reports
0
 
HaslerctCommented:
0
 
madunixChief Information Security Officer Commented:
Actually I use Backtrack + Meta for vulnerability

1.      Nessus (Linux if you can) http://www.nessus.org/nessus/
2.      Nikto (Linux) http://www.cirt.net/nikto2
3.      Paros proxy (Linux if you can) http://www.parosproxy.org/index.shtml
4.      Ike-scan (Linux) http://www.nta-monitor.com/tools/ike-scan/
5.      SARA (Security Auditor's Research Assistant) (Linux) http://www-arc.com/sara/
6.      MBSA (discutable) http://technet.microsoft.com/en-us/security/cc184923.aspx
7.      Meta http://www.metasploit.com/
8.      http://www-01.ibm.com/software/awdtools/appscan/

Also find attached the following links (Network-,Website-,Database- and Distributed-Scanner)
http://www.securitywizardry.com/index.php/products/scanning-products/network-scanners.html
http://www.securitywizardry.com/index.php/products/scanning-products/website-scanners.html
http://www.securitywizardry.com/index.php/products/scanning-products/database-scanners.html
http://www.securitywizardry.com/index.php/products/scanning-products/distributed-scanners.html
http://en.wikipedia.org/wiki/BackTrack
http://www.linux-magazine.com/w3/issue/77/BackTrack.pdf



You could look at http://projects.webappsec.org/Web-Application-Security-Scanner-List


Commercial Tools:
----------------------
Acunetix WVS by Acunetix
AppScan by IBM
Burp Suite Professional by PortSwigger
Hailstorm by Cenzic
N-Stalker by N-Stalker
Nessus by Tenable Network Security
NetSparker by Mavituna Security
NeXpose by Rapid7
NTOSpider by NTObjectives
ParosPro by MileSCAN Technologies
Retina Web Security Scanner by eEye Digital Security
WebApp360 by nCircle
WebInspect by HP
WebKing by Parasoft
Websecurify by GNUCITIZEN




 
Software-as-a-Service Providers:
------------------------------------------
AppScan OnDemand by IBM
ClickToSecure by Cenzic
QualysGuard Web Application Scanning by Qualys
Sentinel by WhiteHat
Veracode Web Application Security by Veracode
VUPEN Web Application Security Scanner by VUPEN Security
WebInspect by HP
WebScanService by Elanize KG



Free / Open Source Tools:
-------------------------------
Arachni by Tasos Laskos
Grabber by Romain Gaucher
Grendel-Scan by David Byrne and Eric Duprey
Paros by Chinotec
Andiparos
Zed Attack Proxy
Powerfuzzer by Marcin Kozlowski
SecurityQA Toolbar by iSEC Partners
Skipfish by Michal Zalewski
W3AF by Andres Riancho
Wapiti by Nicolas Surribas
Watcher by Casaba Security
WATOBO by siberas
Websecurify by GNUCITIZEN
Zero Day Scan
0
 
Victor_TorresAuthor Commented:
Thanks for the Information.  We decided to go with Nessus.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now